From d38602f9580532ff8fddbad9eac6964003183df8 Mon Sep 17 00:00:00 2001 From: Teodor Calin Date: Fri, 29 May 2026 12:10:48 -0700 Subject: [PATCH] fix(test): update zz_compat_wss_test auth payload for PILOT-145 timestamp (PILOT-348) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PR #9 added a server-issued timestamp to the WSS auth-challenge payload and updated zz_coverage_test.go's helper to sign 'compat_auth:nodeID:ts:nonce'. zz_compat_wss_test.go was missed in that pass — its dialCompatWSS helper still signed the pre-PILOT-145 'compat_auth:nodeID:nonce' format, so the server rejected with StatusPolicyViolation reason='auth failed' and TestEnableCompatWSS_HappyPath failed on main since the merge. Same fix shape as zz_coverage_test.go in #9: - add Timestamp int64 `json:"ts"` field to authChallengeMsg - include ch.Timestamp in the signed payload Closes PILOT-348. --- zz_compat_wss_test.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/zz_compat_wss_test.go b/zz_compat_wss_test.go index 489439b..94e9f28 100644 --- a/zz_compat_wss_test.go +++ b/zz_compat_wss_test.go @@ -23,8 +23,9 @@ import ( // types in the wss server — we duplicate them here so this test can // drive the WSS bridge without importing the internal daemon client. type authChallengeMsg struct { - Type string `json:"type"` - Nonce string `json:"nonce"` + Type string `json:"type"` + Nonce string `json:"nonce"` + Timestamp int64 `json:"ts"` } type authReplyMsg struct { @@ -69,7 +70,7 @@ func dialCompatWSS(t *testing.T, addr string, id *crypto.Identity, nodeID uint32 } // 2. Sign and reply. - signed := []byte(fmt.Sprintf("compat_auth:%d:%s", nodeID, ch.Nonce)) + signed := []byte(fmt.Sprintf("compat_auth:%d:%d:%s", nodeID, ch.Timestamp, ch.Nonce)) sig := id.Sign(signed) reply := authReplyMsg{ Type: "auth_reply",